Ransomware is a type of software used by hackers that prevents access to a company’s or person’s data; those who use it, charge a ransom, usually in bitcoins, so that access can be restored. The word ransom, in English, means ransom; if it is not paid, the data is erased or otherwise made public, causing damage to its owners.
Ransomware attacks claimed thousands of victims in the United States during the year 2020: about 2,500 government agencies, educational and health institutions, as well as private companies, were affected. There is no information on the number of individuals attacked.
While some organizations give in to these ransom requests, paying high sums because they believe this is the fastest way to get back to operating normally, others refuse to pay and it may be a long time before their systems go back online.
Companies are paying ransoms even with backups
But the bad news is that some of the organizations that are the victims of attacks are paying ransoms, despite being able to restore their applications and data from backups, in order to prevent hackers from making stolen data public.
The financial damage caused by ransomware attacks is likely to be in the billions of dollars and could grow, now that criminals have realized that even organizations that are back up and running quickly thanks to backups are willing to pay to avoid disclosing their data.
A classic example of the size of the damage that such an attack can cause is that of Garmin; reportedly, the company paid ten million dollars to regain access to its data.
Of course, very large organizations have policies and tools that make these attacks difficult, but even smaller companies can take relatively simple steps in the search for security: phishing remains one of the main methods of distributing ransomware, especially after the increase in remote work. As a result, organizations must make their employees aware of the importance of the necessary care when opening emails and attachments.
Organizations should also make sure that they have a good patching strategy and that the latest security updates have been applied. This prevents criminals from taking advantage of known vulnerabilities to distribute ransomware and other malware.
Backing up regularly should also be a priority, because if the worst happens and the organization is the victim of an attack, the network can be restored quickly, without paying a ransom, although the danger of data disclosure persists.
It is important that everyone is aware of the need to adopt strong measures for the security of their data – after all, they are the oil of the 21st century.
Vivaldo José Breternitz, author of this article, holds a PhD in Sciences from the University of São Paulo and professor at the Faculty of Computing and Informatics at Universidade Presbiteriana Mackenzie.